Buy or Renew
Buy or Renew
Welcome to the new Cisco Community. LEARN MORE about the updates and what is coming.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Help required for setup Expressway C & E

Go to solution
rupam_chakra1983
Beginner
Beginner

‎03-21-2017 02:18 PM - edited ‎03-19-2019 12:14 PM

Hi

I am trying to setup MRA .

But its unsuccessful. and getting the error in the status > unified communication

I am not using any TLS and have not uploaded any certificate since i am not using a secure deployment.

any help in troubleshooting appreciated.

2 people had this problem
Labels:
Preview file
310 KB
0 Helpful
21 REPLIES 21

Go to solution
Sushant Sharma
Beginner
Beginner
In response to rupam_chakra1983

‎03-31-2017 03:59 PM

so that means your _collab-edge._tls.domain.com is working fine.

first, check 5222 port is open from external network 

use this site to check firewall ports http://www.yougetsignal.com/tools/open-ports/

Make sure your IMP is active in expressway-C.

Important Note: Define your internal as well as external domain in expressway-c and enable cucm and IMP registration for the public domain. it seems you are using the only internal domain in expressway-c no issues define external domain also inside the domains option.

if a still issue is there then delete IMP and CUCM servers and add again.

Make sure you are using Public CA or Open SSL because  certificate is mandatory to log in from outside:

Best practice is to use external public CA because open SSL will not help you to register your IP phone, Dx series, telepresence endpoints over the MRA.

Note: while signing CSR keep in mind expressway will not support wildcard certificate 

0 Helpful

Go to solution
rupam_chakra1983
Beginner
Beginner
In response to Sushant Sharma

‎04-03-2017 03:49 PM

Hi  Sushant

I tired troubleshooting the issue today and this time i am getting the " cannot communicate with server error " from internet.

The error is not consistent last time when i checked it was giving username and password invalid error.

I am attaching a fresh log from express c,e and jabber PRT

3042017.zip
0 Helpful

Go to solution
Sushant Sharma
Beginner
Beginner
In response to rupam_chakra1983

‎04-03-2017 10:51 PM

If you want to resolve issue you need to troubleshoot step by step .

I can see in logs _collab-edge._tls.domain.com is not resolving from externally .

try below commands from your side.

1) SRV Records not working externally >

C:\Users\sushants>nslookup
Default Server: Cisco00447
Address: 192.168.1.1

> set type=srv
> _collab-edge._tls.sddclab.com
Server: Cisco00447
Address: 192.168.1.1

*** No Service location (SRV) records available for _collab-edge._tls.sddclab.com

2) No Public CA valid certificate installed in expressway-e check attached images 

check SRV records because traffic is not reaching expressway-e 

Preview file
59 KB
Preview file
14 KB
Preview file
36 KB
0 Helpful

Go to solution
rupam_chakra1983
Beginner
Beginner
In response to Sushant Sharma

‎04-04-2017 07:49 AM

Hi Sushant

The domain you are looking is my internal domain

my external domain is uc.itp-inc.com

> _collab-edge._tls.uc.itp-inc.com
Server:  aes-static-102.47.22.125.airtel.in
Address:  125.22.47.102
Non-authoritative answer:
_collab-edge._tls.uc.itp-inc.com        SRV service location:
          priority       = 10
          weight         = 10
          port           = 8443
          svr hostname   = CL1-EXP-E-01.itp-inc.com
cl1-exp-e-01.itp-inc.com        internet address = 111.93.141.138
I don't have a public CA  service .I have my internal CA that I have used to sign the Expressway C & E CSR.
The tunnel between C & E is active
I have created both internal and external domain in the expressway
0 Helpful